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CLAIMS 

What is claimed is: 

1 . A computer-implemented method for verifying at runtime an invariant property of 
a data structure of a computer program, comprising: 

automatically generating a first code segment that verifies a runtime value of the 
data structure is consistent with the invariant property in response to an annotation of the 
data structure that defines the invariant property of the data structure; 

comparing the runtime value of the data structure with the invariant property 
during execution of the program via execution of the first code segment; and 

performing a programmed action if the runtime value is inconsistent with the 
invariant property. 

2. The method of claim 1, wherein the invariant property is a range of data addresses 
and further comprising verifying that the runtime value of the data structure is within a 
range of data addresses specified in source code of the computer program. 

3. The method of claim 1, wherein the invariant property is a range of data addresses 
and further comprising: 

automatically generating during compilation a valid data address range including 
an upper bound and a lower bound for the range of data addresses, wherein the source 
code of the computer program does not include a specification of the upper bound and 
lower bound; and 

verifying that the runtime value of the data structure is within the valid data 
address range. 
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4. The method of claim 1 , wherein the invariant property is a range of instruction 
addresses and further comprising verifying that the runtime value of the data structures 
within the range of instruction addresses specified in source code of the computer 
program. 

5. The method of claim 1 , wherein the invariant property is a range of instruction 
addresses and further comprising: 

automatically generating during compilation a valid instruction address range 
including an upper bound and a lower bound for the range of addresses, wherein the 
source code of the computer program does not include a specification of the upper bound 
and lower bound; and 

verifying that the runtime value of the data structure is within the valid instruction 
address range. 

6. The method of claim 1, wherein the invariant property is a range of data values and 
further comprising the step of verifying that the runtime value of the data structure is 
within the range of data values. 

7. The method of claim 1 , further comprising communicating the invariant property 
from a compiler to a code generator. 

8. The method of claim 7, further comprising storing the invariant property in a 
symbol table. 



11 




10001214-1 

9. The method of claim 8, wherein the invariant property is a range of data addresses 
and further comprising verifying that the runtime value of the data structure is within a 
range of data addresses specified in source code of the computer program. 

10. The method of claim 8, wherein the invariant property is a range of data addresses 
and further comprising: 

automatically generating during compilation a valid data address range including 
an upper bound and a lower bound for the range of data addresses, wherein the source 
code of the computer program does not include a specification of the upper bound and 
lower bound; and 

verifying that the runtime value of the data structure is within the valid data 
address range. 

1 1 . The method of claim 8, wherein the invariant property is a range of instruction 
addresses and further comprising verifying that the runtime value of the data structure is 
within the range of instruction addresses specified in source code of the computer 
program. 

12. The method of claim 8, wherein the invariant property is a range of instruction 
addresses and further comprising: 

automatically generating during compilation a valid instruction address range 
including an upper bound and a lower bound for the range of addresses, wherein the 
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5 source code of the computer program does not include a specification of the upper bound 

6 and lower bound; and 

7 verifying that the runtime value of the data structure is within the valid instruction 

8 address range. 

1 13. The method of claim 8, wherein the invariant property is a range of data values and 

2 further comprising the step of verifying that the runtime value of the data structure is 

3 within the range of data values. 



1 14. The method of claim 8, further comprising storing in the symbol table one or more 



2 code addresses associated with one or more updates to the data 



structure. 



15. An apparatus for verifying at runtime an invariant property of a data structure of a 
computer prograrn, comprising: 

means for automatically generating a first code segment that verifies a runtime 
value of the data structure is consistent with the invariant property in response to an 
annotation of the data structure that defines the invariant property of the data structure; 

means for comparing the runtime value of the data structure with the invariant 
property during execution of the program via execution of the first code segment; and 
means for performing a programmed action if the runtime value is inconsistent 
with the invariant property. 
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